Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/3363c0-63cc-4588-a03b-fdd081e779de/1/p9E_8sdtuLrYoHTbW_-2otyDlkQ.roa
File: p9E_8sdtuLrYoHTbW_-2otyDlkQ.roa (raw, json)
Hash identifier: yZaHRYrdXeMx+nN0WcoXgtASErTpm5SUvlpvrjdDJCM=
Subject key identifier: A7:D1:3F:F2:C7:6D:B8:BA:D8:A0:74:DB:5B:FF:B6:A2:DC:83:96:44
Certificate issuer: /CN=df22a4abb9339f65e81f871fc454995f5bf2a016
Certificate serial: 0185711E824816835287D2B10134BF415610
Authority key identifier: DF:22:A4:AB:B9:33:9F:65:E8:1F:87:1F:C4:54:99:5F:5B:F2:A0:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3yKkq7kzn2XoH4cfxFSZX1vyoBY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/3363c0-63cc-4588-a03b-fdd081e779de/1/p9E_8sdtuLrYoHTbW_-2otyDlkQ.roa
Signing time: Mon 02 Jan 2023 06:15:02 +0000
ROA not before: Mon 02 Jan 2023 06:15:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204790
IP address blocks: 2a11:7a80::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:1e:82:48:16:83:52:87:d2:b1:01:34:bf:41:56:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df22a4abb9339f65e81f871fc454995f5bf2a016
Validity
Not Before: Jan 2 06:15:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a7d13ff2c76db8bad8a074db5bffb6a2dc839644
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:42:32:17:5a:ec:01:0a:59:27:12:b2:34:a6:
a3:12:76:a0:de:6f:13:fe:fb:57:b0:6b:74:d5:d7:
37:72:5f:10:24:9e:c1:e6:41:58:05:4f:35:08:ed:
af:ca:59:6c:cd:c0:0c:d8:b8:6e:62:db:28:f3:89:
15:68:91:bc:b4:a6:40:4d:93:2a:3a:a9:f1:6a:8a:
c8:5a:6e:3f:1b:06:f1:92:99:50:a3:01:78:bf:53:
c2:ca:d0:cd:f0:a6:40:f1:5c:38:f0:a3:c7:cd:94:
7d:46:6e:d0:7e:7a:1a:a0:e5:36:0e:68:33:6b:f1:
43:c2:97:e8:d5:79:a2:3a:e1:e8:17:91:20:df:70:
7e:bc:57:6f:34:69:f5:c5:4a:40:3f:06:7b:12:90:
20:4a:93:aa:f8:6c:9b:f7:05:fc:e5:0d:57:37:1f:
5c:88:73:01:25:06:25:f9:27:9b:8e:6e:01:a3:66:
0f:53:97:10:24:98:a7:6d:74:ce:66:2a:f4:fc:c9:
cc:a6:01:66:04:c1:9d:23:50:2d:68:41:d0:10:80:
47:1f:31:b9:b9:2e:9e:b6:b9:13:ce:5c:a9:ca:39:
6d:8f:de:1e:83:63:da:3d:0a:9c:a0:a2:5e:14:04:
95:76:25:19:bf:33:f6:d4:75:00:43:74:42:e2:3e:
91:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:D1:3F:F2:C7:6D:B8:BA:D8:A0:74:DB:5B:FF:B6:A2:DC:83:96:44
X509v3 Authority Key Identifier:
keyid:DF:22:A4:AB:B9:33:9F:65:E8:1F:87:1F:C4:54:99:5F:5B:F2:A0:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3yKkq7kzn2XoH4cfxFSZX1vyoBY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/3363c0-63cc-4588-a03b-fdd081e779de/1/p9E_8sdtuLrYoHTbW_-2otyDlkQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/3363c0-63cc-4588-a03b-fdd081e779de/1/3yKkq7kzn2XoH4cfxFSZX1vyoBY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:7a80::/29
Signature Algorithm: sha256WithRSAEncryption
58:18:20:fa:7c:10:03:5a:7c:76:f9:0f:7f:25:7f:f8:d2:9a:
b0:06:69:a0:ca:75:12:00:32:ca:de:e9:76:e0:62:c5:6f:86:
c2:2a:62:70:f0:9b:12:df:ed:d4:f2:a7:33:a3:c3:ad:d1:3d:
ca:3f:7a:60:ab:9e:1f:32:90:c5:69:9c:b6:94:ab:8b:92:9d:
90:c6:1f:e5:99:93:d4:6d:06:fb:4d:5d:e1:17:4a:25:b9:49:
74:fc:3b:03:7b:97:67:b0:fa:1f:01:6c:72:b3:05:09:cd:4a:
c7:c1:ea:73:ed:68:59:b8:36:80:06:0f:20:5a:74:37:39:af:
d6:5d:35:9f:d3:b3:d8:7b:bb:6e:46:a6:34:d2:18:87:12:76:
8b:a0:24:ad:c5:89:75:c9:45:cd:ff:15:5a:9a:fe:0d:b6:47:
8b:22:98:91:cb:91:49:42:29:25:b8:92:7b:a4:91:38:57:e0:
26:56:2d:de:ca:2a:a4:0f:09:ab:65:df:84:42:8c:7d:53:63:
44:b3:84:6f:8c:bf:38:f8:c6:7b:d5:82:ed:14:18:43:c9:c7:
87:c2:13:7c:1a:61:85:ce:34:00:02:62:d2:20:54:31:5c:5a:
7d:39:61:7d:cf:26:7a:d6:ad:9d:14:dd:07:6d:06:af:7b:ff:
e8:f5:6c:f9
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVxHoJIFoNSh9KxATS/QVYQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmMjJhNGFiYjkzMzlmNjVlODFmODcxZmM0NTQ5OTVmNWJm
MmEwMTYwHhcNMjMwMTAyMDYxNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhN2QxM2ZmMmM3NmRiOGJhZDhhMDc0ZGI1YmZmYjZhMmRjODM5NjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjkIyF1rsAQpZJxKyNKajEnag3m8T
/vtXsGt01dc3cl8QJJ7B5kFYBU81CO2vyllszcAM2LhuYtso84kVaJG8tKZATZMq
OqnxaorIWm4/GwbxkplQowF4v1PCytDN8KZA8Vw48KPHzZR9Rm7QfnoaoOU2Dmgz
a/FDwpfo1XmiOuHoF5Eg33B+vFdvNGn1xUpAPwZ7EpAgSpOq+Gyb9wX85Q1XNx9c
iHMBJQYl+Sebjm4Bo2YPU5cQJJinbXTOZir0/MnMpgFmBMGdI1AtaEHQEIBHHzG5
uS6etrkTzlypyjltj94eg2PaPQqcoKJeFASVdiUZvzP21HUAQ3RC4j6RNwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKfRP/LHbbi62KB021v/tqLcg5ZEMB8GA1UdIwQY
MBaAFN8ipKu5M59l6B+HH8RUmV9b8qAWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3lLa3E3a3puMlhvSDRjZnhGU1pYMXZ5b0JZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My8zMzYzYzAtNjNjYy00NTg4LWEwM2It
ZmRkMDgxZTc3OWRlLzEvcDlFXzhzZHR1THJZb0hUYldfLTJvdHlEbGtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My8zMzYzYzAtNjNjYy00NTg4LWEwM2ItZmRkMDgxZTc3OWRl
LzEvM3lLa3E3a3puMlhvSDRjZnhGU1pYMXZ5b0JZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhF6gDAN
BgkqhkiG9w0BAQsFAAOCAQEAWBgg+nwQA1p8dvkPfyV/+NKasAZpoMp1EgAyyt7p
duBixW+GwipicPCbEt/t1PKnM6PDrdE9yj96YKueHzKQxWmctpSri5KdkMYf5ZmT
1G0G+01d4RdKJblJdPw7A3uXZ7D6HwFscrMFCc1Kx8Hqc+1oWbg2gAYPIFp0Nzmv
1l01n9Oz2Hu7bkamNNIYhxJ2i6AkrcWJdclFzf8VWpr+DbZHiyKYkcuRSUIpJbiS
e6SROFfgJlYt3soqpA8Jq2XfhEKMfVNjRLOEb4y/OPjGe9WC7RQYQ8nHh8ITfBph
hc40AAJi0iBUMVxafTlhfc8metatnRTdB20Gr3v/6PVs+Q==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:55 2023 by rpki-client on console-fra.rpki-client.org